Yuerchu/disknext
1
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects 1 Releases Wiki Activity
Files
54784eea3b62b52197aa187c4fc43cc30d06b21b
disknext/middleware/auth.py
于小丘 54784eea3b Update codebase and add coverage report 
Removed an old run configuration, added a new coverage XML report, and updated multiple source files including main.py, middleware, models, routers, services, tests, and utility modules. Also updated pyproject.toml and the lock file. These changes likely include code improvements, test coverage updates, and dependency adjustments.
2025-12-26 14:56:08 +08:00

50 lines
1.3 KiB
Python
Raw Blame History

from typing import Annotated
from uuid import UUID
from fastapi import Depends
import jwt
from models.user import User
from utils.JWT import JWT
from .dependencies import SessionDep
from utils import http_exceptions
async def auth_required(
session: SessionDep,
token: Annotated[str, Depends(JWT.oauth2_scheme)],
) -> User:
"""
AuthRequired 需要登录
"""
try:
payload = jwt.decode(token, JWT.SECRET_KEY, algorithms=["HS256"])
user_id = payload.get("sub")
if user_id is None:
http_exceptions.raise_unauthorized("账号或密码错误")
user_id = UUID(user_id)
# 从数据库获取用户信息
user = await User.get(session, User.id == user_id)
if not user:
http_exceptions.raise_unauthorized("账号或密码错误")
return user
except jwt.InvalidTokenError:
http_exceptions.raise_unauthorized("账号或密码错误")
async def admin_required(
user: Annotated[User, Depends(auth_required)],
) -> User:
"""
验证是否为管理员。
使用方法:
>>> APIRouter(dependencies=[Depends(admin_required)])
"""
group = await user.awaitable_attrs.group
if group.admin:
return user
raise http_exceptions.raise_forbidden("Admin Required")
Reference in New Issue View Git Blame Copy Permalink